DenyHosts / Bugs / #47 denyhosts uses insecure plain text protocol for synchronisat

#47 denyhosts uses insecure plain text protocol for synchronisat

Status: open-rejected

Owner: nobody

Labels: None

Priority: 5

Updated: 2010-05-25

Created: 2010-01-12

Creator: Anonymous

Private: No

Big security problem! The denyhosts sync service use http to sync ip addresses.

Discussion

Robert Wyatt - 2010-01-12

Out of curiosity, why is it a problem to send banned IP addresses in plain text?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Phil Schwartz - 2010-05-25

status: open --> open-rejected
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

rosch - 2012-10-14

Because the content can be messed with and the sync will not work any more as expected or the wrong addresses get added to hosts.deny.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.